CVE-2005-1599

The CVE-2005-1599 entry describes a cross-site scripting (XSS) flaw in Kryloff Technologies Subject Search Server (SSServer) 1.1, exploitable via the "Search For" field to inject arbitrary web script/HTML. The NVD/CVE records show a MEDIUM risk (CVSSv2: AV:N/AC:M/Au:N/C:N/I:P/A:N, base 4.3) but n...